Hackers find MongoDB unsecured databases to demand ransom

In recent years, more and more MongoDB database servers have been found without any security measures and are directly exposed to the Internet for exploration. For example, we have mentioned that a database of a small loan company has not encrypted and leaked 899 GB of user data. The reality is that there are many databases which they are not configured with security measures, and are then detected and easily accessed by various scanners. This also gives many hackers the opportunity to directly search for such servers for theft of data, or to delete the data and then use it to blackmail the database owner.

The researchers initially discovered the database on July 15th, and on July 18th the database content was completely deleted and left a message saying that the ransom was paid. The hacker indicates in the database that the entire database has been completely deleted, and if the database owner wants to get the data, he needs to pay $500. Of course, although only $500 is required to pay through bitcoin, the database was initially discovered without any security measures to protect it. This means that an attacker can simply modify, back up, or empty all data as if they had administrator privileges by simply connecting to their server address.

We use cookies to ensure that we give you the best experience on our website. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on Read more information.OkPrivacy policy